I needed to write an iptables rule to block outbound traffic to a specific host here.
Now I need to write a similar rule which will not block the entire host but just a single port on that host.
The rule is very similar to the one previously stated, but with the port flag; see below.
iptables -A OUTPUT -p tcp --dport 8080 -d 10.1.2.6 -j DROP
I was in a situation today where an application was talking to hosts it shouldn't have. A quick way to stop this from happening was with iptables. Make sure you ping the host before adding the rule and again after, to ensure it has taken effect.
The rule to block a specific IP is
iptables -A OUTPUT -d 10.0.0.69 -j DROP
To check that the rule is in:
To remove the rule, the '1' means the first line in the table; in this case this was the only outbound rule.
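Putting the two posts together, here is an added shell example (not from the original posts) that wraps the host block and the port block, only appends a rule when it is not already present, and works out the line number that the remove step needs from the output of iptables -L OUTPUT -n --line-numbers. The listing embedded in the block is constructed to match that command's output format; the $IPTABLES variable is an assumption of this example so the helpers can be exercised without root.

```shell
#!/bin/sh
# Added example, not part of the original posts.
# Assumption: $IPTABLES names the iptables binary (or a stand-in for dry runs).
IPTABLES=${IPTABLES:-iptables}

# Arguments for the OUTPUT rule: whole host when no port is given,
# otherwise only TCP traffic to that one port on the host.
block_rule_args() {
    host=$1
    port=$2
    if [ -n "$port" ]; then
        echo "OUTPUT -p tcp --dport $port -d $host -j DROP"
    else
        echo "OUTPUT -d $host -j DROP"
    fi
}

# Append the rule only if -C (check) reports it is not already there,
# so re-running the script does not stack duplicate DROP rules.
block_host() {
    args=$(block_rule_args "$1" "$2")
    # shellcheck disable=SC2086   # word splitting of $args is intended
    if "$IPTABLES" -C $args 2>/dev/null; then
        echo "rule already present: $args"
    else
        "$IPTABLES" -A $args
    fi
}

# Quick reachability check before and after adding a rule. A host-wide DROP
# stops ping; a single-port DROP only shows up on a TCP connect to that port.
check_host() {
    host=$1
    port=$2
    if [ -n "$port" ]; then
        nc -z -w 1 "$host" "$port" >/dev/null 2>&1 && echo "reachable" || echo "blocked"
    else
        ping -c 1 -W 1 "$host" >/dev/null 2>&1 && echo "reachable" || echo "blocked"
    fi
}

# Read 'iptables -L OUTPUT -n --line-numbers' on stdin and print the line
# number of the DROP rule for the host (and tcp dpt:<port> when given), which
# is the number passed to 'iptables -D OUTPUT <num>'. Older iptables prints the
# protocol column as all/tcp, newer versions with -n print 0/6; both are accepted.
rule_line_number() {
    host=$1
    port=$2
    awk -v host="$host" -v port="$port" '
        $2 == "DROP" && $6 == host {
            if (port == "" && ($3 == "all" || $3 == "0")) { print $1; exit }
            if (port != "" && ($3 == "tcp" || $3 == "6") && $8 == "dpt:" port) { print $1; exit }
        }'
}

# Constructed sample listing (same layout as iptables -L OUTPUT -n --line-numbers)
# used to show the lookup without touching the live firewall.
sample_listing='Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination
1    DROP       all  --  0.0.0.0/0            10.0.0.69
2    DROP       tcp  --  0.0.0.0/0            10.1.2.6             tcp dpt:8080'

# Usage (live run, needs root):
#   block_host 10.0.0.69            # whole host
#   block_host 10.1.2.6 8080        # one port
#   num=$(iptables -L OUTPUT -n --line-numbers | rule_line_number 10.0.0.69)
#   iptables -D OUTPUT "$num"
```

Deleting by line number is fragile because numbers shift when rules are added or removed above them; when the exact rule is known, iptables -D OUTPUT followed by the same arguments used with -A removes it without a lookup.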